Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

News & Commentary
With GDPR's 'Right of Access,' Who Really Has Access?
Kelly Sheridan, Staff Editor, Dark ReadingNews
How a security researcher learned organizations willingly hand over sensitive data with little to no identity verification.
By Kelly Sheridan Staff Editor, Dark Reading, 6/19/2019
Comment0 comments  |  Read  |  Post a Comment
The Evolution of Identity
Kathleen Peters, SVP & Head of Fraud & Identity, ExperianCommentary
How data and technology can help businesses make the right fraud decisions, protect people's identities, and create an improved customer experience.
By Kathleen Peters SVP & Head of Fraud & Identity, Experian, 6/18/2019
Comment0 comments  |  Read  |  Post a Comment
Unmixed Messages: Bringing Security & Privacy Awareness Together
Tom Pendergast & Jeff Morgenroth, Chief Learning Officer at MediaPRO/Instructional Designer at MediaPROCommentary
Security and privacy share the same basic goals, so it just makes sense to combine efforts in those two areas. But that can be easier said than done.
By Tom Pendergast & Jeff Morgenroth Chief Learning Officer at MediaPRO/Instructional Designer at MediaPRO, 6/10/2019
Comment0 comments  |  Read  |  Post a Comment
Researchers Finds Thousands of iOS Apps Ignoring Security
Curtis Franklin Jr., Senior Editor at Dark ReadingNews
A critical data encryption tool, included by default in iOS, is being turned off in more than two-thirds of popular apps.
By Curtis Franklin Jr. Senior Editor at Dark Reading, 6/5/2019
Comment1 Comment  |  Read  |  Post a Comment
Why FedRAMP Matters to Non-Federal Organizations
Daniel P. Kent, Director, Public Sector Engineering & CTO, Cisco SystemsCommentary
Commercial companies should explore how FedRAMP can help mitigate risk as they move to the cloud.
By Daniel P. Kent Director, Public Sector Engineering & CTO, Cisco Systems, 6/4/2019
Comment0 comments  |  Read  |  Post a Comment
Certifiably Distracted: The Economics of Cybersecurity
Dan Didier, VP of Services, GreyCastle SecurityCommentary
Is cybersecurity worth the investment? It depends.
By Dan Didier VP of Services, GreyCastle Security, 6/3/2019
Comment1 Comment  |  Read  |  Post a Comment
GDPRs First-Year Impact By the Numbers
Ericka Chickowski, Contributing Writer
The latest statistics on GDPR spending, compliance rates, enforcement and consumer attitudes on privacy protection.
By Ericka Chickowski Contributing Writer, 5/31/2019
Comment1 Comment  |  Read  |  Post a Comment
Data Asset Management: What Do You Really Need?
Kelly Sheridan, Staff Editor, Dark ReadingNews
At Interop, a cybersecurity and privacy leader explains her approach to data management and governance at a massive, decentralized company.
By Kelly Sheridan Staff Editor, Dark Reading, 5/22/2019
Comment0 comments  |  Read  |  Post a Comment
A Trustworthy Digital Foundation Is Essential to Digital Government
Gus Hunt, Managing Director and Cyber Strategy Lead for Accenture Federal ServicesCommentary
Agencies must take steps to ensure that citizens trust in the security of government's digital channels.
By Gus Hunt Managing Director and Cyber Strategy Lead for Accenture Federal Services, 5/17/2019
Comment1 Comment  |  Read  |  Post a Comment
Microsoft Builds on Decentralized Identity Vision
Kelly Sheridan, Staff Editor, Dark ReadingNews
The company elaborates on its plan to balance data control between businesses and consumers by giving more autonomy to individuals.
By Kelly Sheridan Staff Editor, Dark Reading, 5/15/2019
Comment0 comments  |  Read  |  Post a Comment
Commercial Spyware Uses WhatsApp Flaw to Infect Phones
Robert Lemos, Contributing WriterNews
A single flaw allowed attackers thought to be linked to a government to target human rights workers and install surveillance software by sending a phone request. The victims did not even have to answer.
By Robert Lemos Contributing Writer, 5/14/2019
Comment0 comments  |  Read  |  Post a Comment
78% of Consumers Say Online Companies Must Protect Their Info
Steve Zurier, Contributing WriterNews
Yet 68% agree they also must do more to protect their own information.
By Steve Zurier Contributing Writer, 5/13/2019
Comment1 Comment  |  Read  |  Post a Comment
Better Behavior, Better Biometrics?
Rajiv Dholakia, VP Products, Nok Nok LabsCommentary
Behavioral biometrics is a building block to be used in conjunction with other security measures, but it shows promise.
By Rajiv Dholakia VP Products, Nok Nok Labs, 5/7/2019
Comment0 comments  |  Read  |  Post a Comment
California Consumer Privacy Act: 4 Compliance Best Practices
Chris Babel, CEO, TrustArcCommentary
Companies that get ahead of the January 2020 data privacy deadline can minimize the risk of sanctions and also gain a competitive advantage in the marketplace.
By Chris Babel CEO, TrustArc, 4/30/2019
Comment0 comments  |  Read  |  Post a Comment
Microsoft 365 Updated with New Compliance, Encryption, Privacy Controls
Kelly Sheridan, Staff Editor, Dark ReadingNews
New tools, such as Compliance Manager and Advanced Message Encryption, aim to give businesses more options for data privacy.
By Kelly Sheridan Staff Editor, Dark Reading, 4/30/2019
Comment0 comments  |  Read  |  Post a Comment
Credit Card Compromise Up 212% as Hackers Eye Financial Sector
Kelly Sheridan, Staff Editor, Dark ReadingNews
Financial services firms saw upticks in credential leaks and credit card compromise as cybercriminals go where the money is.
By Kelly Sheridan Staff Editor, Dark Reading, 4/29/2019
Comment0 comments  |  Read  |  Post a Comment
A Rear-View Look at GDPR: Compliance Has No Brakes
Daniel Barber, CEO & Co-founder, DataGrailCommentary
With a year of Europe's General Data Protection Regulation under our belt, what have we learned?
By Daniel Barber CEO & Co-founder, DataGrail, 4/29/2019
Comment0 comments  |  Read  |  Post a Comment
Will the US Adopt a National Privacy Law?
Seth P.  Berman, Partner, NutterCommentary
Probably not before the 2020 election. But keep an eye on this Congress as legislators debate how to define personal data and what limits to place on how companies use it.
By Seth P. Berman Partner, Nutter, 4/23/2019
Comment0 comments  |  Read  |  Post a Comment
Facebook Accidentally Imported 1.5M Users' Email Data Sans Consent
Dark Reading Staff, Quick Hits
The social media giant says it did not access the imported data and is notifying affected users.
By Dark Reading Staff , 4/18/2019
Comment2 comments  |  Read  |  Post a Comment
Benefiting from Data Privacy Investments
Marc Wilczek, Digital Strategist & CIO AdvisorCommentary
GDPR-ready companies experience lower overall costs associated with data breaches, research finds.
By Marc Wilczek Digital Strategist & CIO Advisor, 4/16/2019
Comment0 comments  |  Read  |  Post a Comment
More Stories
Current Conversations
More Conversations
Florida Town Pays $600K to Ransomware Operators
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/20/2019
Pledges to Not Pay Ransomware Hit Reality
Robert Lemos, Contributing Writer,  6/21/2019
AWS CISO Talks Risk Reduction, Development, Recruitment
Kelly Sheridan, Staff Editor, Dark Reading,  6/25/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-10164
PUBLISHED: 2019-06-26
PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user's own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL...
CVE-2019-11583
PUBLISHED: 2019-06-26
The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name".
CVE-2019-4234
PUBLISHED: 2019-06-26
IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the implementation of locking feature in pattern editor. An attacker by intercepting the subsequent requests can bypass business logic to modify the pattern to unlocked state. IBM X-Force ID: 159416.
CVE-2019-4235
PUBLISHED: 2019-06-26
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 159417.
CVE-2019-4241
PUBLISHED: 2019-06-26
IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local access to bypass authentication and obtain administrative access. IBM X-Force ID: 159467.